Ethereum’s Privacy Upgrade
Nearly a year on from the Merge, Ethereum has made great strides on reducing its environmental footprint (PoS) and increasing its scalability with rollups and the burgeoning L2 networks built on this zk-tech. Transparency and immutability are hallmarks of blockchain technology, however most consumers and businesses do not want every transaction to be visible on-chain for all to see.
Regulators on the other hand want the ability to verify transactions, prevent financial crime and fight money laundering. Ethereum needs to address the issue of privacy and with it regulatory compliance to enable institutional adoption. It seems Vitalik and friends have also been thinking about privacy when it comes to public blockchains.
A Practical Equilibrium
In a recent research paper, “Blockchain Privacy and Regulatory Compliance: Towards a Practical Equilibrium”, published with Ameen Soleimani from Privacy Pools, Jacob Illum from Chainalysis, and two researchers from the University of Basel; Vitalik delves into the subject of establishing a neutral infrastructure to incorporate privacy into blockchain transactions.
Building on Privacy Pools, a smart contract-based privacy protocol, the paper demonstrates how to create a separating equilibrium between honest and dishonest users. The core idea of the proposal is to allow users to publish a zero-knowledge proof, demonstrating that their funds (do not) originate from known (un-)lawful sources, without publicly revealing their entire transaction history, thus proving regulatory compliance while maintaining privacy.
Privacy and regulatory compliance are crucial if Ethereum is to become the infrastructure for institutional players to transact on-chain. Having consulted with legal experts, Privacy Pools and the tech behind it can bring public blockchains into regulatory compliance across jurisdictions and enable mainstream institutional adoption.
Building regulatory-compliant privacy
Vitalik and friends introduce the concept of association set providers (ASPs), who generate association sets. Association sets are a group of wallets connected via zero-knowledge proofs; as the diagram illustrates below these could be based on:
- Inclusion (or membership): identify a specific set of deposits for which there is specific evidence these are low-risk, and construct an association set containing only those deposits.
- Exclusion: identify a specific set of deposits for which there is specific evidence to believe that they are high-risk, and construct an association set containing everything but those deposits.
This design attempts to implement the spirit of many common AML rules today, where low-value payments below a certain threshold are given much greater levels of privacy than high-value payments. ASPs could be entirely constructed on-chain, requiring no human (or AI) intervention. Alternatively, ASPs may independently generate association sets and subsequently publish them on-chain. AI agents and smart contracts could be programmed to ‘review and regulate’ association sets without the need for manual oversight.
Ethereum’s ultimate goal should be to create an equilibrium where privacy and regulatory compliance are no longer incompatible or mutually exclusive. Vitalik and friends are arguing for a new and different approach, using infrastructure to create privacy AND compliance in a regulated environment while reducing the risk of exploitation by dark web actors and fighting financial crime. It’s about time.